ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development, 2015, Vol. 52, Issue (4): 898-906. doi: 10.7544/issn1000-1239.2015.20131909


Detection of JNI Memory Leaks Based on Extended Bytecode

Jiang Tingyu¹, Wang Peng¹, Yang Shu¹, Ru Zhen¹, Dong Yuan¹, Wang Shengyuan¹, Ji Zhiyuan²

  ¹ Department of Computer Science and Technology, Tsinghua University, Beijing 100084; ² High Technology Research and Development Center, Ministry of Science and Technology, Beijing 100044
  • Online: 2015-04-01

Abstract: The Java native interface (JNI) enables Java code running in a Java virtual machine (JVM) to be called by native code, but the differences in security features between the languages make it a security weakness that existing analysis methods cannot detect. Commonly used detection methods are mainly based on analysis of an intermediate language, which does not work in the JNI case because there is no intermediate representation to bridge Java and C++. This paper analyzes JNI from a Java/C++ cross-language perspective and focuses on memory leaks, which frequently occur in JNI calls. To overcome the language barrier, this paper proposes extended Bytecode (Bytecode*) instructions as an interpretation of C++ semantics. Our contributions are as follows: 1) define a block memory model that is compatible with both Java and C++; 2) design translation rules from C++ to extended Java Bytecode based on LLVM/LLJVM; 3) construct a method call graph, extract abstracts, and detect memory leaks in JNI calls by interprocedural analysis. Experiments on typical JNI code with memory leak features show that our analysis can detect memory leaks in Java/C++ accurately, and that it is important for cross-linguistic programming and vulnerability analysis.

Key words: Java native interface (JNI), cross-linguistic analysis, semantic extension, Bytecode, memory leak
